Computing devices, such as smart phones and tablet computers, are quickly becoming ubiquitous tools used on a daily basis by many people. On many computing devices, especially mobile devices that have a higher risk of being misplaced or lost, security is a significant concern. As such, a typical computing device often utilizes some form of user authentication to verify the identity of the user and, thereby, control access to the computing device or specific, sensitive data and/or functionality. Oftentimes, user authentication is implemented as an active authentication procedure in which the user authentication requires some action by the user or otherwise interrupts the users interaction with the device to complete authentication. For example, many computing devices utilize some form of a password or personal identification number (PIN) authentication in which the user is required to enter the password or PIN. As most computing devices have some form of a physical or virtual keyboard, it is only natural that passwords would become the primary form of authentication for most applications, systems, and services. Of course, the advent of PDAs, smartphones, and tablets meant people no longer could be tethered to their physical keyboards. Touch-screen displays turned the screen into an input device, and virtual keyboards made it possible for users to continue using their passwords. However, the clunky hunt-and-peck user experience of typed passwords on a touch screen gave way to innovative variations on passwords. “Swipe authentication,” a variation on a PIN, allowed user to remember only a general geometric shape and play “connect the dots,” which many find easier to remember and input than a passcode or password. As such, innovation in touch screens has enabled innovation in authentication technique.
Many computing devices also include one or more sensors, which may be configured to sense various environmental or user conditions or criteria. Some user authentication systems utilize the sensors of the computing device. For example, some authentication systems rely on biometric sensors, such as a fingerprint scanner or retina scanner, to authenticate the user. However, the use of the biometric and/or other sensors of the computing device is typically implemented as an active authentication procedures, which requires the user to actively respond to the authentication similar to traditional passwords.